After the crime: Experiences of cyber security incidents

Authored on
4 years 8 months ago
Complete
Project Type
Evaluation report
Policy Area
Cyber
Partner agencies
The Australian Cyber Security Centre (ACSC)
Registration date
Wednesday, 12 February 2020

Since the launch of ReportCyber, there has been approximately one report made every ten minutes. Many more incidents are likely to go unreported. To better understand how and why people become the victim of cyber incidents, BETA dedicated a section of our research on cyber security (including focus groups, two surveys, and analysis of feedback on the ReportCyber tool) to the topic of experiencing a cyber incident. We found more than half of our survey participants had experienced some kind of cyber incident in the previous twelve months. Based on our findings, cyber security advice would be most impactful if it were tailored according to several factors: individual’s level of cyber security awareness, their time spent online and the type of activities they engage in, and their perceptions about their ability to change their practices. Of those who reported the incident to authorities, most people were motivated by a desire to help protect others from experiencing a similar incident. Based on this finding, drawing on people’s sense of altruism could be an effective way of encouraging more people to report cyber incidents to authorities.

This is part of a series of reports on applying behavioural insights to improve cyber security advice for individuals and small businesses in Australia. Other related reports are available here: